package com.wetsion.securityoauthdemo.rmsclient.config;

import com.wetsion.securityoauthdemo.rmsclient.filter.RmsOauthFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import java.util.Arrays;

/**
 * @author weixin
 * @version 1.0
 * @CLassName SercurityConfig
 * @date 2019/3/7 11:52 AM
 */
@Configuration
@EnableWebSecurity
public class SercurityConfig extends WebSecurityConfigurerAdapter {

//    @Autowired
//    OAuth2ClientAuthenticationProcessingFilter oAuth2ClientAuthenticationProcessingFilter;

    @Autowired
    private RmsOauthFilter rmsOauthFilter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests().antMatchers("/login").permitAll()
        http.authorizeRequests().anyRequest().permitAll()
//                .anyRequest().authenticated()
                .and()
//                .addFilterBefore(rmsOauthFilter, BasicAuthenticationFilter.class)
                .csrf().disable();
    }
}
